<?
require("required/dbconnect.php");


if (isset($_POST['paymethod'])) {
    require("required/function.php");


    $title = "Payment Method";
    require("required/share_function.php");
    require("required/header.php");
    require("required/email.php");

    $id = $_POST["id"];
    $paytype = $_POST["paymethod"];
    ?>		
    <table width="100%">
        <tr>
            <td class='page_title_bar'>
                Payment Method

            </td>					
        </tr>	

        <tr>
            <Td height="400" valign="top" >
                <table width="80%" align="center" class="success">
                    <td colspan="2">
                        <?
                        if ($paytype == 1) { //ebanking or cod
                            $get_bill = mysql_query("select * from os_bill_details where id=$id") or die(mysql_error());
                            $b = mysql_fetch_array($get_bill, MYSQL_ASSOC);

                            $email = $b['email'];
                            email_orderrequest($b['id']);
                            $or_number = $b['order_request_number'];
                            $update = mysql_query("update os_bill_details set status=1,payment_method=$paytype where id=$id") or die(mysql_error());
                            ?>

                            <div class="dw_success">An order request has been sent to <?= $email ?></div>	
                            If you haven't received it within 5 minutes, kindly check your junk mail or contact us for assistant. 
                            <br> Please record your order request number : <b><?= $or_number ?></b> for future reference.
                            <?
                        } elseif ($paytype == 2) {// credit card
                            $get_bill = mysql_query("select * from os_bill_details where id=$id");
                            $b = mysql_fetch_array($get_bill, MYSQL_ASSOC);
                            $get_item = mysql_query("select * from os_bill_items where bid=$id") or die("line 11" . mysql_error());
                            $count = mysql_num_rows($get_bill);

                            $get_info = mysql_query("select * from os_contactinfo where id=1") or die(mysql_error());




                            $i = mysql_fetch_array($get_info, MYSQL_ASSOC);
                            $cc_gatewayurl = $i['cc_gatewayurl'];
                            $cc_verifykey = $i['cc_verifykey'];
                            $cc_username = $i['cc_username'];
                            $cc_returnurl = $i['cc_returnurl'];
                            $delivery_charges = $i["cc_deliverycharge"];

                            $logo_url = $i['logo_url'];
                            $os_url = $i['website'];
                            $get_currency = mysql_query("select currency_code from os_currency where is_main=1") or die(mysql_error());
                            $currency_code = mysql_result($get_currency, 0, "currency_code");



                            $invoice_number = $b['invoice_number'];
                            $current_date = date('Y-m-d');

                            $get_counter = mysql_query("select * from os_counter where counter_type='I' and counter_date='$current_date'");

                            if (mysql_num_rows($get_counter) == 0) {
                                mysql_query("insert into os_counter(counter_type,counter_date,total_count)values('I','$current_date','1')");
                                $total_count = 1;
                            } else {
                                $total_count = mysql_result($get_counter, 0, "total_count") + 1;
                                mysql_query("update os_counter set total_count='$total_count' where counter_date='$current_date' and counter_type='I'");
                            }

                            $invoice_number = "I" . leading_zeros($total_count, 3) . "" . date("dmY");

                            $update = mysql_query("update os_bill_details set status=-4,invoice_number='$invoice_number',payment_method=$paytype,transport_fees='$delivery_charges' where id=$id") or die(mysql_error());
                            $totalAmount = $b['total_amount'] + $delivery_charges;
                            $description = 'Payment for Joeykidz.com for invoice ' . $invoice_number;
                            $vcode = md5($b['total_amount'] . $cc_username . $b['invoice_number'] . $cc_verifykey);
                            $url = $cc_gatewayurl;
                            $url.="amount=" . $totalAmount;
                            $url.="&orderid=" . urlencode($invoice_number);
                            $url.="&bill_name=" . urlencode($b['receiver_name']);
                            $url.="&bill_email=" . urlencode($b['email']);
                            $url.="&bill_mobile=" . urlencode($b['contact_number']);
                            $url.="&bill_desc=" . urlencode($description);
                            $url.="&country=MY";
                            $url.="&returnurl=" . urlencode($cc_returnurl);
                            $url.="&vcode=" . $vcode;
                            ?>
                            <div class="dw_success">You have choose to pay with Credit Card</div>	
                            <br>							
                            Click the button below to redirect to credit card payment page<br>
                            <br>	
                            <input type='button' name='sub' class='button' value='Proceed to Credit Card Payment' onClick="window.open('<?= $url ?>','_self')"> 

                            <?
                        } else {



                            $get_bill = mysql_query("select * from os_bill_details where id=$id");
                            $b = mysql_fetch_array($get_bill, MYSQL_ASSOC);
                            $delivery_charges = $b["transport_fees"];
                            $get_item = mysql_query("select * from os_bill_items where bid=$id") or die("line 11" . mysql_error());
                            $count = mysql_num_rows($get_bill);
                            $get_info = mysql_query("select * from os_contactinfo where id=1");
                            $i = mysql_fetch_array($get_info, MYSQL_ASSOC);
                            $websitename_eng = $i['website_name'];
                            $paypal_submit_url = $i['paypal_submit_url'];
                            $logo_url = $i['paypal_logo_url'];
                            $os_url = $i['website'];


                            if ($b['invoice_number'] == "") {
                                $current_date = date('Y-m-d');

                                $get_counter = mysql_query("select * from os_counter where counter_type='I' and counter_date='$current_date'");

                                if (mysql_num_rows($get_counter) == 0) {
                                    mysql_query("insert into os_counter(counter_type,counter_date,total_count)values('I','$current_date','1')");
                                    $total_count = 1;
                                } else {
                                    $total_count = mysql_result($get_counter, 0, "total_count") + 1;
                                    mysql_query("update os_counter set total_count='$total_count' where counter_date='$current_date' and counter_type='I'");
                                }

                                $invoice_number = "I" . leading_zeros($total_count, 3) . "" . date("dmY");
                            } else {
                                $invoice_number = $b['invoice_number'];
                            }


                            $get_currency = mysql_query("select currency_code from os_currency where is_main=1") or die(mysql_error());
                            $currency_code = mysql_result($get_currency, 0, "currency_code");
                            $paypal_emailaddress = $i['paypal_emailaddress'];
                            $paypal_returnurl = $i['paypal_returnurl'];

                            $shipping = number_format($b['transport_fees'], 2);

                            $notify_url = $os_url . "/paypal_ipn.php";






                            $update = mysql_query("update os_bill_details set status='-3',invoice_number='$invoice_number',transport_fees='$delivery_charges' where id=$id") or die(mysql_error());


                            echo" <form method='post' action='$paypal_submit_url'>
                                  <input type='hidden' name='cmd' value='_cart'>
                                  <input type='hidden' name='upload' value='1'>
                                  <input type='hidden' name='business' value='$paypal_emailaddress'>
                                  <input type='hidden' name='currency_code' value='$module_currency_code'>
                                  <input type='hidden' name='image_url' value='$logo_url'>
                                  <input type='hidden' name='notify_url' value='$notify_url' />
                                  <input type='hidden' name='cancel_return' value='$os_url'>
                                  <input type='hidden' name='return' value='$paypal_returnurl'>
                                  <input type='hidden' name='invoice' value='$invoice_number'>
                                  <input type='hidden' name='no_shipping' value='1'>
                                  <input type='hidden' name='rm' value='2'>
                                  <input type='hidden' name='cbt' value='Return to $websitename_eng'>
                                  ";


                            $no = 1;
                            while ($c = mysql_fetch_array($get_item)) {

                                $get_product = mysql_query('select * from os_products where id=' . $c['pid']);
                                $a = mysql_fetch_array($get_product, MYSQL_ASSOC);

                                echo "
                                      <input type='hidden' name='item_name_$no' value=\"" . htmlspecialchars($a['product_name_eng']) . "\">
                                      <input type='hidden' name='amount_$no' value='" . $c['price'] . "'>
                                      <input type='hidden' name='quantity_$no' value='" . $c['quantity'] . "'>";
                                $no++;
                            }
                            $no = $no - 1;
                            echo "
                          
                              <input type='hidden' name='shipping_$no' value='$delivery_charges'>
                              Click the button below to redirect to <img src='images/p1.gif' align='absmiddle'> payment page <br>
                              <br>
                              <input type='submit' name='sub' class='button' value='Proceed to Paypal now'> 
                              </form>";
                        }
                        ?>
                    </td>


                </table>
            </td>
        </tr>

    </table>


    <?
} else {
    header("Location:os_invalid.php");
    die();
}
require("required/footer.php");
?>	